Uber has publicly announced a major privacy breach from a year ago.

Uber released a statement yesterday that revealed in October of 2016, hackers successfully stole information from 57 million Uber customers and drivers. Former CEO Travis Kalanick was informed of the hack just one month after it happened but was concealed by Chief Security Officer Joe Sullivan.

Uber apparently paid the hackers $100,000 to delete all the stolen data and not share any of the information. The company has declined to reveal who the hackers are.

“None of this should have happened, and I will not make excuses for it,” current CEO Dara Khosrowshahi, who replaced Travis as chief exec back in September, writes. “We are changing the way we do business.” Uber reportedly declined to identify the attackers.

The hackers were able to pull names, email addresses, and phone numbers of more than 50 million riders worldwide. More than 7 million drivers had similar data exposed on top of driver’s license numbers for around 600,000 US drivers. The statement reads that Uber is individually notifying the drivers whose driver’s license numbers were downloaded and will be providing them with free credit monitoring and identity theft protection.

"While we have not seen evidence of fraud or misuse tied to the incident, we are monitoring the affected accounts and have flagged them for additional fraud protection."

“At the time of the incident, we took immediate steps to secure the data and shut down further unauthorized access by the individuals. We also implemented security measures to restrict access to and strengthen controls on our cloud-based storage accounts,” Dara explains. “While I can’t erase the past, I can commit on behalf of every Uber employee that we will learn from our mistakes.”